$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/6490D3D85678E9C1587D21E9545EF730D21346B5.cer File: 6490D3D85678E9C1587D21E9545EF730D21346B5.cer (raw, json) Hash identifier: w1h+g3nrQmfJKZrzLgVmLIJ64k7HHzo9mb7jEjzstz4= Subject key identifier: 64:90:D3:D8:56:78:E9:C1:58:7D:21:E9:54:5E:F7:30:D2:13:46:B5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 65F7A583EB8E91FDB4298AA3DD1670237D8833A8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/d88575c8-54fe-4801-a7b1-517d0e6b8b73/0/6490D3D85678E9C1587D21E9545EF730D21346B5.mft caRepository: rsync://repo-rpki.idnic.net/repo/d88575c8-54fe-4801-a7b1-517d0e6b8b73/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 04 Jul 2025 19:05:41 +0000 Certificate not after: Fri 03 Jul 2026 19:10:41 +0000 Subordinate resources: IP: 160.20.220.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 13:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:f7:a5:83:eb:8e:91:fd:b4:29:8a:a3:dd:16:70:23:7d:88:33:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 4 19:05:41 2025 GMT Not After : Jul 3 19:10:41 2026 GMT Subject: CN=6490D3D85678E9C1587D21E9545EF730D21346B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:5a:14:f6:29:41:92:28:b6:73:91:25:7a:b2: 2f:1d:44:20:7a:6f:e3:62:f9:5d:cd:9f:00:c6:46: a5:22:00:f9:1d:c7:a2:ab:58:72:4c:9a:cd:82:1a: 58:27:bd:95:92:a7:ef:91:66:07:83:03:a9:db:7f: ba:9b:cc:2a:78:10:1a:cf:99:29:ed:e0:0b:48:e0: ce:f4:64:51:a6:f4:c3:9b:cc:8a:54:76:b5:22:2c: 0a:45:bf:3a:ea:ee:8c:d0:7d:4b:d4:69:fa:f7:a3: f9:90:51:4b:ca:03:b4:f5:8b:ee:b2:bb:c0:ab:fb: 8d:a9:94:f9:1f:a5:34:63:f6:be:3d:e3:da:9c:b9: 1e:4b:37:33:03:ba:61:1c:95:c9:d8:da:4d:d0:68: 26:9f:a6:04:c9:a0:da:c1:e4:8c:ae:88:8d:ae:0e: 9e:3b:b2:e2:23:04:8f:ba:36:07:01:38:dc:06:da: 5d:78:ce:45:d1:c6:7c:12:ba:53:c0:ad:7f:06:b9: 30:a1:a4:a1:83:5e:d8:72:8e:5e:9e:af:9e:2f:8c: 85:e4:35:3c:ee:24:dc:b7:0b:13:44:bb:21:fb:fc: 8e:57:0e:64:65:d0:85:ca:45:f6:ce:a0:fe:36:08: 95:ad:9b:28:15:bf:b0:6d:a7:25:51:61:53:95:1e: ef:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 64:90:D3:D8:56:78:E9:C1:58:7D:21:E9:54:5E:F7:30:D2:13:46:B5 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d88575c8-54fe-4801-a7b1-517d0e6b8b73/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d88575c8-54fe-4801-a7b1-517d0e6b8b73/0/6490D3D85678E9C1587D21E9545EF730D21346B5.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.220.0/24 Signature Algorithm: sha256WithRSAEncryption 6e:50:b2:4b:8c:4a:e3:f9:fb:29:d9:fe:44:84:0e:e1:80:f0: 31:d1:f6:a3:87:71:01:5b:32:85:d6:5d:b4:d8:67:b1:42:a8: 0d:34:99:d0:39:a6:a7:e4:2b:c7:a3:d7:44:59:81:b7:49:25: 50:86:55:3f:20:5f:0f:c5:2c:70:33:c8:17:1d:5c:2f:bd:90: ed:5a:95:e1:e5:48:2a:8a:c1:8c:b2:d2:f6:c5:5f:62:3a:d8: 75:0a:97:01:76:6b:f6:f6:46:2e:c8:3c:56:70:b4:90:05:ae: 46:90:89:c1:a2:bd:99:50:33:de:60:31:e1:e1:76:77:98:c8: 59:ea:93:82:15:f7:94:05:8e:f3:c8:97:e8:8c:54:5f:44:c5: 0c:1f:d9:ff:65:c1:a3:e3:6b:b0:4f:f0:47:74:42:39:db:e5: 64:a3:6d:34:43:4b:33:0c:08:77:34:e2:07:4f:ea:65:52:2f: 57:a4:0b:62:a2:37:8a:66:34:0d:a5:e7:8e:eb:72:a3:a2:57: 5f:d9:20:cd:07:f9:67:9a:14:f9:b4:69:82:5c:75:b2:1e:24: f9:5b:66:81:59:7b:50:11:56:74:e5:ce:3e:7a:bd:37:d3:98: bd:4a:e1:66:03:ab:98:4f:a2:f7:29:45:02:76:fa:da:50:11: ac:ed:6c:e4 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUZfelg+uOkf20KYqj3RZwI32IM6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcwNDE5MDU0MVoX DTI2MDcwMzE5MTA0MVowMzExMC8GA1UEAxMoNjQ5MEQzRDg1Njc4RTlDMTU4N0Qy MUU5NTQ1RUY3MzBEMjEzNDZCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANNaFPYpQZIotnORJXqyLx1EIHpv42L5Xc2fAMZGpSIA+R3HoqtYckyazYIa WCe9lZKn75FmB4MDqdt/upvMKngQGs+ZKe3gC0jgzvRkUab0w5vMilR2tSIsCkW/ OurujNB9S9Rp+vej+ZBRS8oDtPWL7rK7wKv7jamU+R+lNGP2vj3j2py5Hks3MwO6 YRyVydjaTdBoJp+mBMmg2sHkjK6Ija4Onjuy4iMEj7o2BwE43AbaXXjORdHGfBK6 U8Ctfwa5MKGkoYNe2HKOXp6vni+MheQ1PO4k3LcLE0S7Ifv8jlcOZGXQhcpF9s6g /jYIla2bKBW/sG2nJVFhU5Ue7wUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGSQ09hWeOnBWH0h6VRe9zDSE0a1MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kODg1NzVjOC01NGZlLTQ4MDEtYTdiMS01MTdkMGU2YjhiNzMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q4ODU3NWM4 LTU0ZmUtNDgwMS1hN2IxLTUxN2QwZTZiOGI3My8wLzY0OTBEM0Q4NTY3OEU5QzE1 ODdEMjFFOTU0NUVGNzMwRDIxMzQ2QjUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFNwwDQYJKoZIhvcNAQELBQADggEBAG5QskuMSuP5+ynZ/kSEDuGA8DHR9qOH cQFbMoXWXbTYZ7FCqA00mdA5pqfkK8ej10RZgbdJJVCGVT8gXw/FLHAzyBcdXC+9 kO1aleHlSCqKwYyy0vbFX2I62HUKlwF2a/b2Ri7IPFZwtJAFrkaQicGivZlQM95g MeHhdneYyFnqk4IV95QFjvPIl+iMVF9ExQwf2f9lwaPja7BP8Ed0Qjnb5WSjbTRD SzMMCHc04gdP6mVSL1ekC2KiN4pmNA2l547rcqOiV1/ZIM0H+WeaFPm0aYJcdbIe JPlbZoFZe1ARVnTlzj56vTfTmL1K4WYDq5hPovcpRQJ2+tpQEaztbOQ= -----END CERTIFICATE-----Generated at Mon Jul 21 00:17:15 2025 by rpki-client